CVE request: pam_mount: conf: re-add luserconf security checks
Eugene Teo
eteo at redhat.com
Sat Sep 6 00:42:39 UTC 2008
Till Maas wrote:
> On Fri September 5 2008, Till Maas wrote:
>
>> pam_mount just released an update that fixes a security vulnerability:
>> https://sourceforge.net/project/shownotes.php?release_id=624240
>
> Will someone create the needed tracking bugs[1] for this and maybe request /
> assign a CVE number?
This email was posted in fedora-security-list at rc.
v0.47 (September 04 2008)
=========================
This release incorporates a security fix (item 3 on the list).
All administrators who have enabled <luserconf> in the configuration
file should upgrade. A workaround is to comment out <luserconf>.
- mount.crypt: add missing null command to conform to sh syntax
(SF bug #2089446)
- conf: fix printing of strings when luser volume options were not ok
- conf: re-add luserconf security checks
[...]
https://sourceforge.net/project/shownotes.php?release_id=624240
http://dev.medozas.de/gitweb.cgi?p=pam_mount;a=commitdiff;h=33b91d7659ae3aa78b1e94fd3f8e545ae5ff25db
Thanks, Eugene
--
Eugene Teo / Red Hat Security Response Team
More information about the Fedora-security-list
mailing list